Merge a2bc1b5196 into 8afba8ca16

2025-07-22 05:29:46 +03:00 · 2017-10-02 17:46:00 +00:00 · 2017-10-02 17:46:00 +00:00 · 617e9b489e
commit 617e9b489e
parent 8afba8ca16 a2bc1b5196
4 changed files with 40 additions and 1 deletions
--- a/rest_auth/tests/test_api.py
+++ b/rest_auth/tests/test_api.py
@ -493,3 +493,17 @@ class APITestCase1(TestCase, BaseAPITestCase):

        self.post(self.login_url, data=payload, status_code=status.HTTP_200_OK)
        self.get(self.logout_url, status_code=status.HTTP_405_METHOD_NOT_ALLOWED)
+
+    def test_user_authentication_status(self):
+        user = get_user_model().objects.create_user(self.USERNAME, self.EMAIL, self.PASS)
+
+        self._login()
+        self.token = self.response.json['key']
+
+        self.get(self.user_authenticated_status_url, status_code=200)
+        self.assertTrue(self.response.json['authenticated'])
+
+        self._logout()
+
+        self.get(self.user_authenticated_status_url, status_code=401)
+        self.assertFalse(self.response.json['authenticated'])
--- a/rest_auth/tests/test_base.py
+++ b/rest_auth/tests/test_base.py
@ -97,6 +97,7 @@ class BaseAPITestCase(object):
        self.register_url = reverse('rest_register')
        self.password_reset_url = reverse('rest_password_reset')
        self.user_url = reverse('rest_user_details')
+        self.user_authenticated_status_url = reverse('rest_auth_status')
        self.verify_email_url = reverse('rest_verify_email')
        self.fb_login_url = reverse('fb_login')
        self.tw_login_url = reverse('tw_login')
--- a/rest_auth/urls.py
+++ b/rest_auth/urls.py
@ -2,7 +2,7 @@ from django.conf.urls import url

 from rest_auth.views import (
    LoginView, LogoutView, UserDetailsView, PasswordChangeView,
-    PasswordResetView, PasswordResetConfirmView
+    PasswordResetView, PasswordResetConfirmView, UserAuthenticationStatusView
 )

 urlpatterns = [
@ -15,6 +15,8 @@ urlpatterns = [
    # URLs that require a user to be logged in with a valid session / token.
    url(r'^logout/$', LogoutView.as_view(), name='rest_logout'),
    url(r'^user/$', UserDetailsView.as_view(), name='rest_user_details'),
+    url(r'^user/status/$', UserAuthenticationStatusView.as_view(), 
+        name='rest_auth_status'),
    url(r'^password/change/$', PasswordChangeView.as_view(),
        name='rest_password_change'),
 ]
--- a/rest_auth/views.py
+++ b/rest_auth/views.py
@ -14,6 +14,7 @@ from rest_framework.views import APIView
 from rest_framework.response import Response
 from rest_framework.generics import GenericAPIView, RetrieveUpdateAPIView
 from rest_framework.permissions import IsAuthenticated, AllowAny
+from rest_framework.authentication import SessionAuthentication, TokenAuthentication

 from .app_settings import (
    TokenSerializer, UserDetailsSerializer, LoginSerializer,
@ -153,6 +154,27 @@ class UserDetailsView(RetrieveUpdateAPIView):
        return get_user_model().objects.none()


+class UserAuthenticationStatusView(APIView):
+    """
+    Checks is_authenticated attribute for User attached to request.
+    Accepts GET method.
+
+    Returns True/False indicator for if user is authenticated.
+    """
+    authentication_classes = (TokenAuthentication,)
+    permission_classes = ()
+
+    def get(self, request, *args, **kwargs):
+        if hasattr(self.request, "user") and self.request.user.is_authenticated:
+            return Response(
+                {"authenticated": True}, status=status.HTTP_200_OK
+            )
+
+        return Response(
+            {"authenticated": False}, status=status.HTTP_401_UNAUTHORIZED
+        )
+
+
 class PasswordResetView(GenericAPIView):
    """
    Calls Django Auth PasswordResetForm save method.